Security Bulletin: IBM Documentation Offline is vulnerable to `Node.js ReadFileUtf8 and HTTP Parser flaws` due to Node.js (CVE-2025-23165, CVE-2025-23167)
Summary IBM Documentation Offline utilizes Node.js as a third-party component, which contains two vulnerabilities that could potentially affect your product's stability and security. CVE-2025-23165 (CVSS: 3.7) is a Denial of Service (DoS) vulnerability in the ReadFileUtf8 internal binding. Repeated u...
Security Bulletin: IBM Security SOAR is vulnerable to denial of service (CVE-2024-45296)
Summary IBM Security SOAR was using a UI component which contained a vulnerability that could lead to a client-side regular expression denial of service CVE-2024-45296. The vulnerable component has been removed from the UI. Please upgrade to IBM Security SOAR version 51.0.4.0 or later...
Security Bulletin: IBM MaaS360 Cloud Extender VPN Module affected by vulnerability (CVE-2024-4741)
Summary A vulnerability contained within OpenSSL, a 3rd party component, was addressed in the IBM MaaS360 VPN Module. Vulnerability Details CVEID:CVE-2024-4741 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the...
Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities (CVE-2023-46589)
Summary IBM Security SOAR uses an older version of ElasticSearch that may be identified and exploited. An update has been released which addresses these issues. Upgrading to Version 51.0.2.1 or later of IBM Security SOAR is recommended. Vulnerability Details CVEID:CVE-2024-23450 DESCRIPTION:...
Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2024 CPU
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVEs listed in this document might affect some configurations of IBM WebSphere Application Server traditiona...
Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities (CVE-2023-46589)
Summary IBM Security SOAR uses an older version of Apache Tomcat that may be identified and exploited. An update has been released which addresses these issues. Upgrading to Version 51.0.0.2 or later of IBM Security SOAR is recommended. Vulnerability Details CVEID:CVE-2023-46589 DESCRIPTION:...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Node.js
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to denial of service due to Node.js CVE-2023-44487. Vulnerability Details CVEID:CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a flaw in handling...
Security Bulletin: IBM Security SOAR is using a component with a known vulnerability [CVE-2023-46604]
Summary IBM Security SOAR uses an older version of Apache ActiveMQ that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended customers upgrade to the latest applicable fix pack. CVE-2023-46604 Vulnerability Details...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to HTTP header injection due to Go CVE-2023-29406
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to HTTP header injection due to Go CVE-2023-29406 with details below. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-29406 DESCRIPTION: Golang Go is vulnerable to HTTP head...
Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to remote information transfer due to CouchDB CVE-2023-26268
Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to remote information transfer due to CouchDB CVE-2023-26268 with details below. Vulnerability Details CVEID:CVE-2023-26268 DESCRIPTION: Apache CouchDB could allow a remote authenticated attacker to obtain sensitive...
Security Bulletin: Decision Optimization for Cloud Pak for Data is vulnerable to a server-side request forgery (CVE-2023-28155).
Summary The Node.js Request module vulnerability used by Decision Optimization for Cloud Pak for Data has been addressed. Vulnerability Details CVEID:CVE-2023-28155 DESCRIPTION: Node.js Request module is vulnerable to server-side request forgery, caused by a cross-protocol redirect bypass flaw. B...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Node.js Request module denial of service vulnerability [CVE-2023-28155]
Summary A potential Node.js Request module denial of service vulnerability has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. CVE-2023-28155 Vulnerability Details...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to containerd security bypass and denial of service vulnerabilities (CVE-2023-25173, CVE-2023-25153)
Summary Potential containerd security bypass and denial of service vulnerabilities (CVE-2023-25173, CVE-2023-25153) have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-25173 DESCRIPTIO...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to Go [CVE-2023-24539 and CVE-2023-24540]
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to remote code injection due to Go CVE-2023-24539 and CVE-2023-24540, with details below. IBM has addressed the vulnerabilities. Vulnerability Details CVEID:CVE-2023-24539 DESCRIPTION: Go is vulnerabl...
Security Bulletin: IBM Decision Optimization in IBM Cloud Pak for Data is vulnerable to a xml2js vulnerability (CVE-2023-0842)
Summary Xmljs is used in IBM Decision Optimization in IBM Cloud Pak for Data. IBM Decision Optimization in IBM Cloud Pak for Data has addressed the reported vulnerability. Vulnerability Details CVEID:CVE-2023-0842 DESCRIPTION: xml2js could allow a remote attacker to execute arbitrary code on the...
Security Bulletin: IBM Decision Optimization in IBM Cloud Pak for Data is vulnerable to Golang Go vulnerability (PRISMA-2022-0270)
Summary Golang Go is used in IBM Decision Optimization in IBM Cloud Pak for Data. IBM Decision Optimization in IBM Cloud Pak for Data has addressed the reported vulnerability. Vulnerability Details IBM X-Force ID: 250518 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by a token...
Security Bulletin: IBM Decision Optimization in IBM Cloud Pak for Data is vulnerable to YAML denial of service (CVE-2023-2251)
Summary YAML is used in IBM Decision Optimization in IBM Cloud Pak for Data. IBM Decision Optimization in IBM Cloud Pak for Data has addressed the reported vulnerability. Vulnerability Details CVEID:CVE-2023-2251 DESCRIPTION: YAML is vulnerable to a denial of service, caused by an uncaught...
Security Bulletin: IBM Safer Payments affected by OpenSSL Raccoon Attack (CVE-2020-1968)
Summary IBM Safer Payments uses OpenSSL. This vulnerability is addressed. Vulnerability Details CVEID:CVE-2020-1968 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a Raccoon attack in the TLS specification. By computing the pre-master secret in...
Security Bulletin: There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25881)
Summary There is a security vulnerability in Node.js http-cache-semantics module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite Vulnerability Details CVEID:CVE-2022-25881 DESCRIPTION: Node.js http-cache-semantics module is vulnerable to a denial of service, caused by a...
Security Bulletin: There is a security vulnerability in snakeYAML used by IBM Maximo Data Loader (CVE-2022-1471)
Summary There is a security vulnerability in snakeYAML used by IBM Maximo Data Loader Vulnerability Details CVEID:CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the Constructor class...